package com.weiz.controller;

import com.weiz.dto.ReqUser;
import com.weiz.dto.RespUser;
import com.weiz.dto.LoginUser;
import com.weiz.dto.LoginRole;
import com.weiz.service.UserService;
import com.weiz.utils.JSONResult;
import com.weiz.utils.JwtUtils;
import com.weiz.utils.SecurityUtils;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.validation.Valid;

@RestController
@Api(description = "登陆注册及刷新token")
@RequestMapping("/api/v1")
public class AuthController {
    @Value("${jwt.header}")
    private String tokenHeader;

    @Autowired
    private UserService userService;

    @Autowired
    private JwtUtils jwtTokenUtil;

    @Autowired
    private SecurityUtils securityUtils;

    @Autowired
    public AuthController(UserService userService) {
        this.userService = userService;
    }

    @PostMapping(value = "/login")
    @ApiOperation(value = "登陆", notes = "登陆成功返回token,登陆之前请先注册账号")
    public JSONResult login(@Valid @RequestBody ReqUser user){
        LoginUser loginUser = securityUtils.login(user.getName(),user.getPassword());
        String token = jwtTokenUtil.generateAccessToken(loginUser);
        //存储token
        jwtTokenUtil.putToken(user.getName(), token);
        RespUser respUser = new RespUser(token, loginUser);
        return JSONResult.ok(respUser);
    }

    @GetMapping(value = "/logout")
    @ApiOperation(value = "登出", notes = "退出登陆")
    @ApiImplicitParams({@ApiImplicitParam(name = "Authorization", value = "Authorization token", required = true, dataType = "string", paramType = "header")})
    public JSONResult logout(HttpServletRequest request){
        String token = request.getHeader(tokenHeader);
        String userName = jwtTokenUtil.getUsernameFromToken(token);
        jwtTokenUtil.deleteToken(userName);
        return JSONResult.ok("登出成功");
    }

    @PostAuthorize("hasAnyRole('ROLE_ADMIN')")
    @GetMapping(value = "/user")
    @ApiOperation(value = "根据token获取用户信息", notes = "根据token获取用户信息")
    @ApiImplicitParams({@ApiImplicitParam(name = "Authorization", value = "Authorization token", required = true, dataType = "string", paramType = "header")})
    public JSONResult getUser(HttpServletRequest request){
        String token = request.getHeader(tokenHeader);
        LoginUser loginUser = jwtTokenUtil.getUserFromToken(token);
        return JSONResult.ok(loginUser);
    }

    @PostMapping(value = "/sign")
    @ApiOperation(value = "用户注册")
    public JSONResult sign(@RequestBody ReqUser user) {
        if (StringUtils.isEmpty(user.getName()) || StringUtils.isEmpty( user.getPassword())) {
            return JSONResult.errorMsg("参数错误");
        }
        LoginUser loginUser = new LoginUser(user.getName(), user.getPassword(), LoginRole.builder().id(1l).build());

        return JSONResult.ok(userService.register(loginUser));
    }
}
